package com.itools.core.config;

import com.itools.core.endpoint.AuthExceptionEntryPoint;
import com.itools.core.endpoint.CustomAccessDeniedHandler;
import com.itools.core.endpoint.CustomTokenExtractor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

import javax.servlet.http.HttpServletResponse;

/**
 * @project: itools-backend
 * @description:
 * @author: XUCHANG
 * @create: 2021-06-21 15:22
 */
//@Order(value = 3)
@Configuration
@EnableResourceServer
public class ResourceServerConfig  extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .exceptionHandling()
            .authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
            .and()
            .authorizeRequests()
            .antMatchers("/oauth/**").permitAll()
            .anyRequest().authenticated()
            .and()
            .httpBasic();
    }
    //服务端不需要设置token和权限的endpoint
//    @Autowired
//    private AuthExceptionEntryPoint authExceptionEntryPoint;
//    @Autowired
//    private CustomAccessDeniedHandler customAccessDeniedHandler;
//    @Autowired
//    private CustomTokenExtractor customTokenExtractor;
//    @Override
//    public void configure(ResourceServerSecurityConfigurer resources) {
//        resources.tokenExtractor(customTokenExtractor);
//        resources.authenticationEntryPoint(authExceptionEntryPoint)
//                .accessDeniedHandler(customAccessDeniedHandler);
//    }
}
